[Git][security-tracker-team/security-tracker][master] Add CVE-2026-37630/quickjs-ng

Tue Jun 2 07:26:51 BST 2026


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9efc422f by Salvatore Bonaccorso at 2026-06-02T08:25:03+02:00
Add CVE-2026-37630/quickjs-ng

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -13735,7 +13735,10 @@ CVE-2026-39870 (The issue was addressed with improved memory handling. This issu
 CVE-2026-39869 (The issue was addressed with improved memory handling. This issue is f ...)
 	NOT-FOR-US: Apple
 CVE-2026-37630 (An issue in QuickJS-NG v.0.12.1 allows an attacker to execute arbitrar ...)
-	TODO: check
+	- quickjs-ng <not-affected> (Fixed with initial upload to Debian)
+	NOTE: https://github.com/quickjs-ng/quickjs/issues/1400
+	NOTE: https://github.com/quickjs-ng/quickjs/pull/1401
+	NOTE: Fixed by: https://github.com/quickjs-ng/quickjs/commit/397310610529adee8b6d763f7cbe3cb3d2fbaa09 (v0.13.0)
 CVE-2026-36734 (EDIMAX BR-6428nS V3 1.15 is vulnerable to Command Injection. An authen ...)
 	NOT-FOR-US: EDIMAX
 CVE-2026-34963 (barebox version prior to 2026.04.0 contains multiple memory-safety vul ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9efc422f815b68accfd5226507d724cb3c1e7b0e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9efc422f815b68accfd5226507d724cb3c1e7b0e
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260602/d2098283/attachment.htm>
